[oss-security] CVE Request: evolution-data-server lacks SSL checking in its libsoup users

Nikos Mavrogiannopoulos nmav at gnutls.org
Fri May 11 13:55:50 CEST 2012

On Mon, May 7, 2012 at 1:06 PM, Sam Varshavchik <mrsam at courier-mta.com> wrote:

> Debian installs /etc/ssl/certs/ca-certificates.crt. Fedora, and its
> derivations, (Red Hat, Cent-OS) have /etc/pki/tls/cert.pem installed.
> FreeBSD has /usr/local/share/certs/ca-root-nss.crt
> The standard practice on Fedora is to have applications configured or
> patched to use its default /etc/pki/tls/cert.pem certificate bundle.

Thanks to Ludwig the next releases of gnutls would include a new function,
gnutls_certificate_set_x509_system_trust(), which will use the system's
trusted certificates, which are determined at configure time. Are there any
comments or suggestions on this functionality?


More information about the Gnutls-devel mailing list